Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/MJqyCZYJU84DCF15GrKwHN17GKw.roa
File:                     MJqyCZYJU84DCF15GrKwHN17GKw.roa (raw, json)
Hash identifier:          8TcPgb2pAgyz+Tj6jhnX5sg3TiuSTNHQck5r1DhMZ/M=
Subject key identifier:   30:9A:B2:09:96:09:53:CE:03:08:5D:79:1A:B2:B0:1C:DD:7B:18:AC
Certificate issuer:       /CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
Certificate serial:       FFEF7D
Authority key identifier: 0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/MJqyCZYJU84DCF15GrKwHN17GKw.roa
Signing time:             Tue 05 Apr 2022 09:29:57 +0000
ROA not before:           Tue 05 Apr 2022 09:29:57 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     7155
IP address blocks:        37.9.176.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16772989 (0xffef7d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f671fec38f00c402f3066f13c792e1a0ed16db3
        Validity
            Not Before: Apr  5 09:29:57 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=309ab209960953ce03085d791ab2b01cdd7b18ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:6b:fb:32:83:23:ab:1d:33:11:25:77:04:d5:
                    90:37:08:c6:f9:22:76:c7:ef:a2:1f:d9:5b:27:7a:
                    47:70:51:ed:d7:6e:7d:d3:35:30:26:e4:6b:aa:e9:
                    41:95:ee:99:dd:b4:01:84:3c:e3:d0:54:38:11:5a:
                    f3:01:1e:91:c1:79:84:99:15:c1:12:22:02:42:b4:
                    72:32:58:13:f8:75:64:5e:26:24:57:0b:2d:8b:e0:
                    bf:cd:93:ce:f8:f2:19:7a:dc:2c:75:80:bb:44:be:
                    0d:99:00:3b:a3:34:3f:9e:d9:58:a9:b6:13:72:26:
                    3e:dc:e7:4c:00:4e:52:7d:56:26:d5:90:16:8e:a6:
                    9e:33:9f:62:c2:42:39:45:2c:e4:dd:53:98:5f:57:
                    c6:07:9c:ad:65:12:a7:76:40:43:b6:d7:99:c8:52:
                    e6:e4:5d:81:19:7d:3b:1b:06:58:b6:17:07:25:92:
                    84:45:ba:32:d9:07:f2:18:45:eb:10:7f:93:ce:2d:
                    22:29:d9:f7:59:ae:12:d3:22:e6:14:4b:88:83:b4:
                    c2:18:52:b3:68:da:3c:76:08:ad:08:72:3e:79:8c:
                    8c:8b:7d:24:0f:05:ed:4c:87:0c:4c:5a:88:15:af:
                    9d:20:15:13:3a:59:46:2e:b6:75:b5:54:cf:70:06:
                    ad:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:9A:B2:09:96:09:53:CE:03:08:5D:79:1A:B2:B0:1C:DD:7B:18:AC
            X509v3 Authority Key Identifier:
                keyid:0F:67:1F:EC:38:F0:0C:40:2F:30:66:F1:3C:79:2E:1A:0E:D1:6D:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2cf7DjwDEAvMGbxPHkuGg7RbbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/MJqyCZYJU84DCF15GrKwHN17GKw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/49bb69-dff9-448e-a8a2-977305c70051/1/D2cf7DjwDEAvMGbxPHkuGg7RbbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.9.176.0/21

    Signature Algorithm: sha256WithRSAEncryption
         04:a9:6f:72:92:f4:15:89:98:04:b5:1b:fd:ff:58:0d:78:c1:
         14:23:65:7f:1b:62:18:c8:dc:fe:37:97:13:45:50:12:65:dc:
         29:26:c4:8e:86:e9:0d:1b:47:da:00:c8:13:95:df:0a:23:f5:
         f2:71:46:0a:dd:3d:50:22:80:b5:d6:03:2c:2d:40:b9:40:30:
         2d:50:10:17:37:b2:a9:d1:c8:78:e1:53:01:46:01:37:a1:de:
         d8:33:e7:d8:3a:d2:31:fa:c5:ea:32:b9:ea:9f:ad:3a:8c:47:
         e5:91:17:3e:88:c3:09:e5:b1:17:34:91:cd:70:30:d3:87:a1:
         41:d4:cb:e1:ea:a3:75:0f:d3:f1:4c:05:fb:7c:0b:7e:4d:da:
         28:99:00:9a:d4:72:e1:ec:b7:00:df:71:71:64:75:2a:7f:8c:
         08:35:5e:a5:e7:ae:82:a4:bb:c5:27:eb:3c:cb:3c:39:f3:ad:
         ff:fe:88:f4:cb:d4:1e:d9:62:bb:ef:c7:ba:b2:07:b5:bc:cf:
         20:57:6f:d5:81:32:71:e8:8d:44:97:35:da:e6:07:11:18:45:
         ff:a4:86:0d:f2:49:61:2a:de:53:40:c1:11:e2:46:cb:a0:16:
         0a:dc:d7:0e:e7:53:1f:5c:2b:13:c8:49:67:09:0c:02:12:bc:
         53:ac:b9:a7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAP/vfTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZjY3MWZlYzM4ZjAwYzQwMmYzMDY2ZjEzYzc5MmUxYTBlZDE2ZGIzMB4XDTIyMDQw
NTA5Mjk1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzA5YWIyMDk5NjA5
NTNjZTAzMDg1ZDc5MWFiMmIwMWNkZDdiMThhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKNr+zKDI6sdMxEldwTVkDcIxvkidsfvoh/ZWyd6R3BR7ddu
fdM1MCbka6rpQZXumd20AYQ849BUOBFa8wEekcF5hJkVwRIiAkK0cjJYE/h1ZF4m
JFcLLYvgv82TzvjyGXrcLHWAu0S+DZkAO6M0P57ZWKm2E3ImPtznTABOUn1WJtWQ
Fo6mnjOfYsJCOUUs5N1TmF9XxgecrWUSp3ZAQ7bXmchS5uRdgRl9OxsGWLYXByWS
hEW6MtkH8hhF6xB/k84tIinZ91muEtMi5hRLiIO0whhSs2jaPHYIrQhyPnmMjIt9
JA8F7UyHDExaiBWvnSAVEzpZRi62dbVUz3AGrbMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQwmrIJlglTzgMIXXkasrAc3XsYrDAfBgNVHSMEGDAWgBQPZx/sOPAMQC8w
ZvE8eS4aDtFtszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0QyY2Y3RGp3REVBdk1HYnhQSGt1R2c3UmJiTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvNDliYjY5LWRmZjktNDQ4ZS1hOGEyLTk3NzMwNWM3MDA1MS8x
L01KcXlDWllKVTg0RENGMTVHckt3SE4xN0dLdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
NDliYjY5LWRmZjktNDQ4ZS1hOGEyLTk3NzMwNWM3MDA1MS8xL0QyY2Y3RGp3REVB
dk1HYnhQSGt1R2c3UmJiTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAyUJsDANBgkqhkiG9w0BAQsFAAOC
AQEABKlvcpL0FYmYBLUb/f9YDXjBFCNlfxtiGMjc/jeXE0VQEmXcKSbEjobpDRtH
2gDIE5XfCiP18nFGCt09UCKAtdYDLC1AuUAwLVAQFzeyqdHIeOFTAUYBN6He2DPn
2DrSMfrF6jK56p+tOoxH5ZEXPojDCeWxFzSRzXAw04ehQdTL4eqjdQ/T8UwF+3wL
fk3aKJkAmtRy4ey3AN9xcWR1Kn+MCDVepeeugqS7xSfrPMs8OfOt//6I9MvUHtli
u+/HurIHtbzPIFdv1YEyceiNRJc12uYHERhF/6SGDfJJYSreU0DBEeJGy6AWCtzX
DudTH1wrE8hJZwkMAhK8U6y5pw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:56 2024 by rpki-client on console-ams.rpki-client.org